The container runtime is software that is responsible for managing containers and container images on a Kubernetes node. containerd is a CNCF (Cloud Native Cloud Foundation) graduated container runtime. It supports Kubernetes natively, and is considered more resource efficient and secure than the Docker Engine for Kubernetes. Until Kubernetes 1.20, Docker Engine was the primary container runtime. However, Dockershim, the Docker Engine integration code in Kubernetes, was deprecated in Kubernetes 1.20, and has been removed in Kubernetes 1.24.
Going forward, you should use containerd in your clusters.
Support for containerd in an admin cluster
Google Distributed Cloud uses containerd for all admin cluster nodes.
Support for containerd in a user cluster
Google Distributed Cloud supports the following OS image types for user cluster nodes:
| OS image type | Container runtime | 
|---|---|
| ubuntu | Docker Engine | 
| ubuntu_containerd | containerd | 
| cos | containerd | 
| windows | Docker Engine or containerd | 
Restrictions and recommendations
- Starting in version 1.13.0, Google Distributed Cloud will no longer support the - ubuntuOS image type. All cluster nodes will use the containerd runtime.
- You will not be able to upgrade a cluster that uses Docker Engine to version 1.13. 
- Starting in version 1.12.0, you will no longer be able to create new clusters that use the - ubuntuOS image type. That is, you will no longer be able to create new clusters that use the Docker Engine container runtime.
- When you upgrade a user cluster from 1.11 to 1.12, you will be able to keep using the Docker Engine runtime in your 1.12 cluster. But we strongly recommend that you update your 1.11 cluster to use the containerd runtime before you upgrade to 1.12. 
Determine which node pools are using Docker Engine
Ubuntu
List the Ubuntu node pools that use Docker Engine:
kubectl --kubeconfig USER_CLUSTER_KUBECONFIG get onpremnodepools \
    -o json -A | jq -r '.items[] |select(.spec.osImageType == "ubuntu")|.metadata.name'
Replace USER_CLUSTER_KUBECONFIG with the path of the user cluster kubeconfig file.
Example output:
ubuntu-node-pool-1 ubuntu-node-pool-3
Windows
All Windows node pools in a user cluster use the same container runtime. The
runtime for Windows nodes is determined by the value of
enableWindowsDataplaneV2, which is a field in the user cluster
configuration'file.
If enableWindowsDataplaneV2 is true, all Windows nodes in the user cluster
use containerd. If it is false, all Windows nodes use Docker Engine.
Run the following command to determine which user clusters have
enableWindowsDataplaneV2 set to false. This tells you which user clusters
are configured to use Docker Engine for Windows nodes.
kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG get onpremuserclusters \
    -A -o json | jq -r '.items[] |select(.spec.enableWindowsDataplaneV2 == false)|.metadata.name'
The output lists all user clusters that are configured to use Docker Engine for Windows nodes. For example:
user-cluster-1
Regardless of whether a user cluster has any Windows node pools, if the cluster
has enableWindowsDataplaneV2 set to false, you will not be able to upgrade
it to version 1.13.
Update Linux node pools to use containerd
For each node pool in the user cluster configuration file, set
osImageType
 ubuntu_containerd or cos.
Example:
nodePools - name: "my-node-pool" osImageType: "ubuntu_containerd"
Update the user cluster:
gkectl update cluster --kubeconfig ADMIN_CLUSTER_KUBECONFIG --config USER_CLUSTER_CONFIG
Replace the following:
- ADMIN_CLUSTER_KUBECONFIG: the path of the admin custer kubeconfig file 
- USER_CLUSTER_CONFIG: the path of the user cluster configuration file 
Update Windows nodes to use containerd
In the user cluster configuration file, set
enableWindowsDataplaneV2
to true.
enableWindowsDataplaneV2: true
Update the user cluster:
gkectl update cluster --kubeconfig ADMIN_CLUSTER_KUBECONFIG --config USER_CLUSTER_CONFIG
The preceding command sets the container runtime to containerd for all Windows nodes in the cluster.